To err is human, but the human errors made about Kim Dotcom's residency status made by the police anti-terrorism unit - and repeated by the Government Communications Security Bureau - seem particularly surprising.

Dotcom had after all, celebrated getting his New Zealand residency by setting off $500,000 worth of fireworks in the sky above Auckland on New Year's Eve 2010.

Surely, it takes a super sleuth like Inspector Clouseau not to notice or remember that sort of thing.

For Prime Minister John Key, the Dotcom affair has been the second surveillance nightmare inside 12 months.

At the ill-fated Epsom Tea Party with Act leader John Banks, Key had been on the receiving end of a claimed-to-be accidental episode of surveillance - and he later called in the Police to investigate what was treated as a deliberate and possibly criminal breach of privacy.

Quite a different story this time around.

The Dotcom interception was treated as being an entirely accidental matter. Rather than call in the Police, Key called for an inquiry by the Inspector-General of Security and Intelligence Paul Neazor, and those findings were made public last week.

To no-one's surprise, the Neazor inquiry told us only what we knew already - that illegal surveillance had occurred, because of an initial mistake about Dotcom's residency status made by the Police, and not detected by the Government Communications Security Bureau.

Under the 1996 legislation that sets his boundaries, the Inspector-General is not allowed to investigate anything to do with ministerial responsibility or touching on the operational activities of the security services that he is supposed to be monitoring.

Therefore, the Neazor report contained nothing about (a) what the relevant ministers knew, when they knew it and what they did about it or (b) the extent of information obtained via the illegal surveillance or (c) who had access to it, and (d) whether such mistakes are symptomatic of wider failings within the agencies concerned.

That sort of information would inevitably touch on operational matters within the security services, and the Inspector-General is forbidden to go there.

All he can do is assess whether the issuing of the Dotcom warrant met the proper legal test. It didn't, he concluded.

Not surprisingly, the opposition parties have said a more extensive inquiry needs to be mounted.

Just as predictably, Key has rejected such calls as a political stunt, and treated the Neazor inquiry as being sufficient.

In passing, the Dotcom incident has highlighted the inadequacy of the oversight mechanisms for our security services.

In their entirety, the safeguards consist of Parliament's Security Intelligence committee which (notoriously) meets in secret for a maximum of about 90 minutes a year, all up.

Then there is the Inspector-General, who - as mentioned - is severely hobbled by his own legislation, and who has no research or investigative staff to help him carry out his watchdog role.

The implications for Dotcom's extradition proceedings of the Government Communications Security Bureau's illegal surveillance have yet to be revealed.

In the meantime, much more needs to be done to ensure our security services obey the rules.

Having a retired judge pop around occasionally to the Security Bureau's office for afternoon tea and a quick scan of the interception warrants to see if they've been filled in properly seems to be a patently inadequate system.